Federal agencies have proposed new harmonized cybersecurity and compliance standards for modular construction and digital twin workflows. The initiative, led by NIST in collaboration with other departments, aims to streamline cross-state contractor requirements and support secure deployments in infrastructure and disaster-relief projects. It establishes unified protocols for data encryption, authentication, and supply-chain controls, targeting prefabricated modules, on-site systems, and digital twin environments.
Background
Increased adoption of modular construction and digital twins in public infrastructure has exposed gaps in cybersecurity and data governance. Previous efforts-such as NIST's publication of IR 8356 in February 2025-provided digital twin security frameworks addressing interoperability, threat protection, and trust mechanisms1Top 5 Interoperability Standards for Digital Twins | Anvil Labs. Federal guidance under Executive Orders 14028 (2021) and 14110 (2023) mandated the application of cybersecurity, supply-chain, and physical security standards to critical infrastructure, assigning NIST to identify relevant standards2https://www.federalregister.gov/documents/full_text/html/2025/01/17/2025-01395.html?utm_source=openai. Until now, a construction-specific harmonized standard had not been proposed.
Details
Under the new proposal, construction stakeholders would be required to implement standardized security protocols for prefabricated modules, contractor data exchanges, and digital twin models. Key measures include:
- Mandatory use of encryption and digital signatures
- Application of constrained delegation models to securely manage cross-team and supply-chain access
These protocols align with specifications in the Federal Register's digital twin interoperability notice3Federal Register Notice: 89 FR 51554, Federal Register :: Networking and Information Technology. Agencies plan to adapt existing frameworks, such as the NIST Cybersecurity Framework and Risk Management Framework, to suit construction-sector needs, including standards for modular interface developed with industry stakeholders and through ANSI-accredited processes4Modular Interoperability & Interface Standardization – The Future of Design & Delivery.
Federal officials emphasized that unified standards would help contractors meet compliance requirements across jurisdictions, especially during emergency response and rapid deployment. The approach aims to reduce regulatory complexity and eliminate redundant assessments by creating nationally aligned requirements.
Outlook
The proposal is now open for public comment in the Federal Register, with a 60-day window for industry and stakeholder feedback. Pending approval, agencies plan to integrate the standards into federal modular construction procurement and pilot programs starting in 2026.
